Call For Papers
Contact Us

  Authentication and Authorization in Cloud : Reviewing The Trend  
  Authors : Pratiba D; Dr. Shobha G; Arjun A
  Cite as:


Cloud computing is a new paradigm to deliver services over the Internet. Data Security is the most critical issues in a cloud computing environment. Authentication is a key mechanism for information security that establish proof of identities to get access of information in the system. Authorization is an important identity service to avoid unauthorized access to cloud resources. According to various researches, access control and user authentication are the most important security concerns and challenging issues in cloudbased environments. In this context, in order to prevent the unauthorized access of the distributed system components, authentication and authorization functions are to be enforced effectively. In this paper, we make an analysis of various mechanisms for access control in cloud environment and identified various issues during authentication and authorization process.


Published In : IJCSN Journal Volume 3, Issue 6

Date of Publication : December 2014

Pages : 577 - 579

Figures :--

Tables : --

Publication Link : Authentication and Authorization in Cloud : Reviewing The Trend




Pratiba D : R V College of Engineering Bangalore, Karnataka, India

Dr. Shobha G : R V College of Engineering Bangalore, Karnataka, India

Arjun A : R V College of Engineering Bangalore, Karnataka, India








Cloud Computing

Access Control


This paper analyzes various proposed models for user authentication and access control mechanism in cloud environment and identifies the various issues raised during the process. The issues includes trust establishment among cloud entities, security policies conflict management and break glass mechanism for accessing cloud resources during emergency.










[1] David Hakobyan, “Authentication and Authorization Systems in Cloud Environments”, Master of Science Thesis, Stockholm, Sweden 2012, TRITA-ICT-EX- 2012:203 [2] Yonghe Wei, Chunjing Shi, Weiping Shao, ”An Attribute and Rolebased Access Control Model for Service-Oriented Environment”, IEEE ,2010, pp. 4451- 4455 [3] Chang. N. Zang, Cungang Yang, ”An Object-Oriented RBAC Model for Distributed System”, in Proc. Working IEEE/IFIP Conference on Software Architecture, 2001, pp. 24-32. [4] Kumar Gunjan, G. Sahoo, R.k.Tiwari, ”Identity Management in Cloud Computing-A Review”, International Journal of Engineering Research and Technology (IJERT), ISSN: 2278-0181, Vol.1 issue 4, June-2012 [5] Mostafa Hajivali, Maen T. Alrashdan, Faraz Fatemi Moghaddam, Abdualeem Z. M. Alothmani, “Applying an Agent-Based User Authentication and Access Control Model for Cloud Servers”, IEEE, 2013,pp. 807-812 [6] V. Varadharajan, N. Kumar, Y. Mu, ”Security Agent Based Distributed Authorization: An Approach”, the 21st National Information Systems Security Conference (NISSC), USA, pp. 315-328(1998). [7] J.-C. Birget, X. Zou, G. Noubir, B. Ramamurthy, ”Hierarchy-Based Access Control in Distributed Environments”, IEEE International Conference on Communication, 2001, vol. 1, pp. 229-233 [8] Cungang Yang, Chang N. Zhang,”Designing Secure ECommerce with Role-based Access Control”, in Proc. IEEE International Conference on E-Commerce, 0- 7695-1969-5/03, 2003 [9] Lingli Zhao, Shuai Liu, Junsheng Li, Haicheng Xu, Lingli Zhao, Shuai Liu,”A Dynamic Access Control model based on Trust”, 2nd Conference on Environmental Science and Information Application Technology,2010, pp. 548-551. [10] Faith Turkmen, Eunjin (EJ) Jung, Bruno Crispo, ”Towards Run-time Verification in Access Control”, IEEE International Symposium on Policies for Distributed Systems and Networks, 2011, pp. 25-32. [11] Maninder Singh , Sarbjeet Singh, “Design and Implementation of Multi-tier Authentication Scheme in Cloud”, Intern ational Journal of Computer Science Issues(IJCSI), ISSN (Online):1694-0814, Vol. 9, Issue 5, No 2, pp. 181-187, September 2012. [12] Sanjeet Kumar Nayak, Subasish Mohapatra, Banshidhar Majhi, “ An Improved Mutual Authentication Framework for Cloud Computing”, International Journal of Computer Applications (0975 – 8887) Volume 52– No.5, pp. 36-41, August 2012 [13] Avvari Sirisha , G. Geetha Kumari, “API Access Control in Cloud Using the Role Based Access Control Model”, IEEE , 2010 , pp. 135-137. [14] Hua-Hong Zhu, Qian-Hua He, Hua-Hong Zhu, Hong Tang, Wei-Hua Cao, “Voiceprint-Biometric Template Design and Authentication Based on Cloud Computing Security “, IEEE International Conference on Cloud and Service Computing,2011,pp.302-308 [15] Antonio Celesti, Francesco Tusa, Massimo Villari and Antonio Puliafito, “Three-Phase Cross-Cloud Federation Model: The Cloud SSO Authentication”,IEEE Second International Conference on Advances in Future Internet, 2010, pp. 94-101 [16] Abdelmajid Hassan Mansour Emam, “Additional Authentication and Authorization using Registered Email-ID for Cloud Computing “ , International Journal of Soft Computing and Engineering (IJSCE) ISSN: 2231-2307, Volume-3, Issue-2, May 2013, pp. 110-113. [17] Ashish G. Revar, Madhuri D. Bhavsar, “Securing User Authentication using Single SignOn in Cloud Computing” , IEEE , 2011, pp. 1-4. [18] Rohitash Kumar Banyal, Pragya Jain, Vijendra Kumar Jain,” Multi-factor Authentication Framework for Cloud Computing”,IEEE Fifth International Conference on Computational Intelligence, Modelling and Simulation,2013,pp. 105-110. [19] Manoj V. Thomas, K. Chandra Sekaran, “Agent-Based Approach for Distributed Access Control in Cloud Environments”, 2013 International Conference on Advances in Computing, Communications and Informatics (ICACCI),IEEE, pp. 1628-1633.